Meta

Magento SUPEE-5344 – Shoplift Bug Patch

In late January of 2015 the first remote code execution (RCE) vulnerability, or “shoplift” bug, was reported to Magento by Check Point Software Technologies. This bug affects both Magento Enterprise Edition and Magento Community Edition, and it allows attackers to obtain control over a store and its sensitive data, including personal customer information. As of February 9, 2015, Magento released a patch for this issue.

Patched Sites

To determine if your site has been patched, you can enter your URL in the search box here. A tool to test the risk level of your store can be found here.

Solution

It is strongly recommended to implement the following patches if your site has not been patched already.

Act Now

While many of have successfully downloaded the patch, there is still a large number of those who still have not done so. Even after applying the patch, if your store was affected before the patch was applied, then it would still be compromised. Don’t hesitate to contact us at Centennial Arts with the link below to ensure that your Magento store is secure!